public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "marxin at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug tree-optimization/98513] New: [10/11 Regression] Wrong code with -O3 since r10-2804-gbf05a3bbb58b3558 Date: Mon, 04 Jan 2021 15:21:14 +0000 [thread overview] Message-ID: <bug-98513-4@http.gcc.gnu.org/bugzilla/> (raw) https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98513 Bug ID: 98513 Summary: [10/11 Regression] Wrong code with -O3 since r10-2804-gbf05a3bbb58b3558 Product: gcc Version: 11.0 Status: UNCONFIRMED Keywords: wrong-code Severity: normal Priority: P3 Component: tree-optimization Assignee: unassigned at gcc dot gnu.org Reporter: marxin at gcc dot gnu.org CC: acoplan at gcc dot gnu.org, rguenth at gcc dot gnu.org Target Milestone: --- It's reduced from a yarpgen test-case: $ cat combined.cc extern unsigned long long var_20; extern unsigned short arr_8[][26][1][1][11]; const int &max(int &a, const int &b) { return a > b ? a : b; } int test___trans_tmp_1, var_5 = -1251116163, var_6 = -1745956746; void test(int var_5, int var_6, signed char arr_1[][26][19]) { for (unsigned i_0 = 0; i_0 < 21; i_0 += 2) for (int i_2 = 0; i_2 < 8; i_2 += 82) { for (int i_3 = 0; i_3 < test___trans_tmp_1; i_3 += 70) for (short i_4 = 0; i_4 < 20; i_4 += 4) var_20 = max(var_5, 0); for (int i_5 = 0; i_5 < 19; i_5 += 20) for (int i_6 = var_6 + 1745956746; i_6 < var_5 + 1251116173; i_6 += 1) arr_8[3][2][i_2][i_5][i_6] = arr_1[3][2][i_2]; } } unsigned long long var_20; signed char arr_1[1][26][19]; unsigned short arr_8[22][26][1][1][11]; int main() { test(var_5, var_6, arr_1); } $ g++-10 -O3 combined.cc -Wall -Wextra -Werror && timeout 2 valgrind ./a.out ==9389== Memcheck, a memory error detector ==9389== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==9389== Using Valgrind-3.16.1 and LibVEX; rerun with -h for copyright info ==9389== Command: ./a.out ==9389== ==9389== Invalid write of size 2 ==9389== at 0x401250: test(int, int, signed char (*) [26][19]) (in /home/marxin/Programming/yarpgen/objdir/S3105191294/a.out) ==9389== by 0x401035: main (in /home/marxin/Programming/yarpgen/objdir/S3105191294/a.out) ==9389== Address 0xffffffff00404740 is not stack'd, malloc'd or (recently) free'd ==9389== ==9389== ==9389== Process terminating with default action of signal 11 (SIGSEGV): dumping core ==9389== Access not within mapped region at address 0xFFFFFFFF00404740 ==9389== at 0x401250: test(int, int, signed char (*) [26][19]) (in /home/marxin/Programming/yarpgen/objdir/S3105191294/a.out) ==9389== by 0x401035: main (in /home/marxin/Programming/yarpgen/objdir/S3105191294/a.out) ==9389== If you believe this happened as a result of a stack ==9389== overflow in your program's main thread (unlikely but ==9389== possible), you can try to increase the size of the ==9389== main thread stack using the --main-stacksize= flag. ==9389== The main thread stack size used in this run was 8388608. ==9389== ==9389== HEAP SUMMARY: ==9389== in use at exit: 0 bytes in 0 blocks ==9389== total heap usage: 1 allocs, 1 frees, 72,704 bytes allocated ==9389== ==9389== All heap blocks were freed -- no leaks are possible ==9389== ==9389== For lists of detected and suppressed errors, rerun with: -s ==9389== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0) timeout: the monitored command dumped core Segmentation fault It should not contain any undefined behavior, verified with: $ clang++ combined.cc -Wall -Wextra -Werror && timeout 1 ./a.out && g++ combined.cc -Wall -Wextra -Werror && timeout 1 ./a.out && g++-10 -fsanitize=address,undefined -fno-sanitize-recover=all combined.cc && timeout 2 ./a.out
next reply other threads:[~2021-01-04 15:21 UTC|newest] Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-01-04 15:21 marxin at gcc dot gnu.org [this message] 2021-01-04 15:21 ` [Bug tree-optimization/98513] " marxin at gcc dot gnu.org 2021-01-04 15:41 ` marxin at gcc dot gnu.org 2021-01-04 16:24 ` marxin at gcc dot gnu.org 2021-01-04 16:33 ` marxin at gcc dot gnu.org 2021-01-05 9:21 ` marxin at gcc dot gnu.org 2021-01-05 9:24 ` marxin at gcc dot gnu.org 2021-01-05 9:28 ` marxin at gcc dot gnu.org 2021-01-05 9:28 ` rguenth at gcc dot gnu.org 2021-01-05 15:55 ` amacleod at redhat dot com 2021-01-05 16:04 ` rguenth at gcc dot gnu.org 2021-01-05 16:40 ` rguenth at gcc dot gnu.org 2021-01-06 8:02 ` rguenth at gcc dot gnu.org 2021-01-06 8:26 ` rguenth at gcc dot gnu.org 2021-01-06 9:21 ` cvs-commit at gcc dot gnu.org 2021-01-06 9:33 ` [Bug tree-optimization/98513] [10 " marxin at gcc dot gnu.org 2021-01-12 15:23 ` cvs-commit at gcc dot gnu.org 2021-01-12 15:26 ` rguenth at gcc dot gnu.org 2021-10-06 22:34 ` pinskia at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-98513-4@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).